Using PGP on DragonFly

Pretty Good Privacy (PGP) is a tool to sign and verify files or emails. For DragonFly BSD there are three different ports that implement PGP functionality:

• security/pgp

• security/netpgp

• security/gnupg

Only the latter really worked for me. For instance, my public key created by pgp could not be imported on another system which I assume was using GnuPGP. So I stick here to security/gnupg and describe in the underlying article how to use it to create a key and how to sign and verify binary data.

Creating a key

gpg --gen-key

Then follow the instructions. To show the fingerprint of your key, use:

gpg --fingerprint youremailaddress

Exporting your public key

gpg --export --armor youremailaddress > mykey.asc

You can then send mykey.asc to someone or put it on your homepage for others to download.

Signing a binary file

To generate a detached signature for a file snapshot.tar.gz:

gpg --armor --detach-sign snapshot.tar.gz

This will create snapshot.tar.gz.asc.

Verifying a signed file

To verify the signature from the last step use:

gpg --verify snapshot.tar.gz.asc snapshot.tar.gz

If successful, this should show something similar to:

gpg: Good signature from "Michael ...."